DEV Community

Building a Local Development Environment: Running a Next.js Full-Stack App with PostgreSQL and Minio S3 Using Docker

Alex on January 06, 2024

Table of Contents Introduction Prerequisites Building a local development environment 1. Create a Next.js application 2. Configure N...

Read full post

Prayson Wilfred Daniel • Jan 7 '24 • Edited

Nice 👌🏾. We could also pass secrets environments variables not plainly with something like …?


version: "3.9"
services:
  web:
    build:
      context: ../
      dockerfile: compose/web.Dockerfile
      args:
        NEXT_PUBLIC_CLIENTVAR: "clientvar"
    ports:
      - 3000:3000
    volumes:
      - ../:/app
    environment:
      - DATABASE_URL=postgresql://postgres:postgres@db:5432/myapp-db?schema=public
      - S3_ENDPOINT=minio
      - S3_PORT=9000
      - S3_ACCESS_KEY=minio
      - S3_SECRET_KEY_FILE=/run/secrets/s3_secret_key
      - S3_BUCKET_NAME=s3bucket
    secrets:
      - s3_secret_key
    depends_on:
      - db
      - minio
  db:
    image: postgres:15.3
    container_name: postgres
    ports:
      - 5432:5432
    environment:
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
      POSTGRES_DB: myapp-db
    volumes:
      - postgres-data:/var/lib/postgresql/data
    secrets:
      - db_password
    restart: unless-stopped
  minio:
    image: bitnami/minio:latest
    ports:
      - "9000:9000"
      - "9001:9001"
    volumes:
      - minio_storage:/data
    secrets:
      - s3_secret_key

secrets:
  db_password:
    file: ./db_password.txt  # Path to the file containing the DB password
  s3_secret_key:
    file: ./s3_secret_key.txt  # Path to the file containing the S3 secret key

volumes:
  postgres-data:
  minio_storage:

Nice 😊 work!

Alex • Jan 7 '24 • Edited

Thanks!

Right, you should never ever add real API keys or secrets in config files that are stored on GitHub. If you want to use other secrets, like GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET, you should store them in .env file and add it to .gitignore. Then you can use them in docker-compose.yml file like this:

    environment:
      - ...
      - GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}
      - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}

And run docker-compose like this:

docker-compose -f compose/docker-compose.yml --env-file .env up

Prayson Wilfred Daniel • Jan 7 '24 • Edited

Totally. These files are not to be committed 🤭. By docker compose secrets, the sensitive variables are not stored as plain texts.

Dan • Jan 11 '24

Thanks for this post!

Whoa t3.app is neat, makes the set up super simple. Curious for thoughts on something I'm working on which is probably overbuilt for this type of tutorial: github.com/kurtosis-tech/kurtosis